urlscan.io logo urlscan.io
SecurityTrails logo

oncorretor.com.br Open in urlscan Pro
2606:4700:3037::ac43:a841  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://oncorretor.com.br/
Effective URL: https://oncorretor.com.br/
Submission: On April 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3037::ac43:a841, located in United States and belongs to CLOUDFLARENET, US. The main domain is oncorretor.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time oncorretor.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

31    2606:4700:3037::ac43:a841 (United States)

ASN13335 (CLOUDFLARENET, US)
oncorretor.com.br
construtor.oncorretor.com.br
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
9    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    201.90.114.102 (BelĂ©m, Brazil)

ASN4230 (CLARO S.A., BR)
t-construtor.mstech.com.br
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
31 oncorretor.com.br
oncorretor.com.br
construtor.oncorretor.com.br
1 MB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
324 KB
12 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5362
geolocation.onetrust.com — Cisco Umbrella Rank: 610
132 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
856 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
jnn-pa.googleapis.com — Cisco Umbrella Rank: 226
122 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
static.doubleclick.net — Cisco Umbrella Rank: 260
1 KB
3 mstech.com.br
t-construtor.mstech.com.br
35 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 241
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
9 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
0 ipify.org Failed
api.ipify.org Failed
79 11
Domain Requested by
21 oncorretor.com.br 1 redirects oncorretor.com.br
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
10 construtor.oncorretor.com.br oncorretor.com.br
10 cdn-ukwest.onetrust.com oncorretor.com.br
cdn-ukwest.onetrust.com
9 www.youtube.com oncorretor.com.br
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 t-construtor.mstech.com.br oncorretor.com.br
3 fonts.googleapis.com oncorretor.com.br
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
0 api.ipify.org Failed oncorretor.com.br
79 16
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-11-26 -
2023-11-26		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.mstech.com.br
Go Daddy Secure Certificate Authority - G2		 2023-03-16 -
2024-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://oncorretor.com.br/
Frame ID: B63B40CEDE8D703C1E171F74CCE463E0
Requests: 57 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Frame ID: BF3CE2510F2E8CD0C27FED237FB24259
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OnCorretor Back ButtonFilter Button

Page URL History Show full URLs

  1. http://oncorretor.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

92 %
IPv6

11
Domains

16
Subdomains

14
IPs

3
Countries

2650 kB
Transfer

6548 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oncorretor.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oncorretor.com.br/
Redirect Chain
  • http://oncorretor.com.br/
  • https://oncorretor.com.br/
97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0
Resource Hash
ca10229f3a065196ec44c33c8abb504c369eb8d8c1ae45ea995a711d26fc9822
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7b9643d63b302c04-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 17:07:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BOQ%2FU1thIJIS%2FW14gw%2F1dB2l3aSd16BuYnnJZb6zdaH%2FunYct%2B1uma94K52fQL%2FCG0WWhkGaicewD%2Bc2nS1wzkNtfjrqbM6ELMZU99sO5roLYv8Wey5XesCbCw6QvfA%2Bk%2B3inP7r%2BW5%2BrL6F%2BlzCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
OK
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge

Redirect headers

CF-RAY
7b9643d5f8e4373e-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 17 Apr 2023 17:07:33 GMT
Expires
Mon, 17 Apr 2023 18:07:33 GMT
Location
https://oncorretor.com.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzRGb2J99BCVgqAt5N5RmeoBdy5CLPzRzuwk9fiwZEGyL069Huk5cCkbtGMLd%2F%2F5IFZ3i6%2BkJwi48JmTgHMfTikLXIzr2BMrg0glCJk1vkWmACAq2Ldz%2FFDDCqN0GrVC3eC7yQVy6Nrh8QojvdgHZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1facb73bf4ab09d88c0d7afb15a478bd24841ea3710a595186947939e53c0782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 17:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 16:59:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 17:07:33 GMT
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:33 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
+GAQ9uZzuyMATxU6dGRBFA==
age
36247
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6741
x-ms-lease-status
unlocked
last-modified
Tue, 11 Apr 2023 19:20:00 GMT
server
cloudflare
etag
0x8DB3AC1BEC5BA19
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
36457fbd-401e-0021-0f0c-6d49aa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643d8cd58bb4a-FRA
expires
Tue, 18 Apr 2023 17:07:33 GMT
ThemesBase.min.css
oncorretor.com.br/content/bundles/ 		220 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
8da30421af9bdda9d9ffa1e2a02f91c4b8b4e6983cb3c9e559627d96ab710d2c
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:14 GMT
server
cloudflare
etag
W/"09d52fcd1e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tobLKIvy97wLwX7rYR4aYb2uueC6HhxkIeN4E2JH7kyKKKEJEKhVVecf8chVdw%2FUewZDFSitx%2FgnZbV89eQOXWHN2t2AkQyA2JYNxcJHWkrXiv1WF56G8It6xFO6b6IrziX65YtU8TlB9sFgXdf7Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89f972c04-FRA
statustext
OK
Tema_VinteDois.min.css
oncorretor.com.br/content/bundles/ 		55 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4668c1865157dba21d7a7e72a1007e3513a59c16eee8a1740f6c2faa69ff83e9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:14 GMT
server
cloudflare
etag
W/"f12a8ffcd1e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B4y6klbalLGSbrY5z9fvsCFU4F660YYoCpHvNMMPpph4ewiNPcfkPC3XRjKcBTjLw6GwxINBmXeLIBioyJlWlzEiJ117wvGZr0zCXhIw6m4YFTSbYc%2BYxMyFbMvXpxS6nt3ZbJXhQgc%2FA%2FGkTGtDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89f9a2c04-FRA
statustext
OK
bundleModernizr.min.js
oncorretor.com.br/scripts/bundles/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleModernizr.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:10 GMT
server
cloudflare
etag
W/"0a337664157d41:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPU2amjWtrgAGvH6UePAPF5d18eLqzbEMYhrRoH7%2B4UuFHdyVcnjTsAeFyMhCFROWE0OWe6r8eSqO1B5QS4HH32leSpdJgWafSJFM8q%2BBWVnbE5%2B0EoUa9oeGmcNMB9RqOP7MIqKy5KuM23RrBBx1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89fa02c04-FRA
statustext
OK
bundleJQuery.min.js
oncorretor.com.br/scripts/bundles/ 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
614c2c16836adff497003759038d70809d2413f3e54da26e0400625cea2804d0
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:30 GMT
server
cloudflare
etag
W/"05dc5d2e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6Cx8EqeupiLGWoZI7Q74e08lPa%2BiJ0spmwPKF6zV0nYPG2lDUP%2F0SkxuEM9QWXxZgo60JBKEL3JR3TULXr9oGw9GruSSpOegOYR6Qhd38on%2FehOYEUoeSfnAbUQ0UqpcMwan6iiytDfPVLIAAfnRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89f9c2c04-FRA
statustext
OK
bundleCustomUI.min.js
oncorretor.com.br/scripts/bundles/ 		257 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleCustomUI.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d36bf5cd9297a7fceb45510c912556bce0f00977be215b9617da5a9cccb7ff0f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:30 GMT
server
cloudflare
etag
W/"05dc5d2e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BROF6tzHTEJ32PKvGbWjCKax6XdeUUAqrY7YrWinZTKIMxjYJxM5%2BUZo2XG8psNMvwaN9G%2FFXIz7cvN5z4hhj2JocgaNGj2T3Z8eCviB98iNboPU1qP3gZgKhpd3eOcUu7JFg7byzUWW0ITRaj1oKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89f9d2c04-FRA
statustext
OK
bundleMst.min.js
oncorretor.com.br/scripts/bundles/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleMst.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 26 Mar 2020 15:42:11 GMT
server
cloudflare
etag
W/"80cb3b1d853d61:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7T3JTbQ4%2FIgm%2BykOEB4VDkniXEvQviV%2FSu3SJrSpXtz42viTJqhF%2FWF2jiTm2JLZ29oDyGeSEWEfbVIj9jD3fhtu1Y0Jmqls2Fn6B7P1pTE8noaqoRDi4V3Pmk3kOF57dBPNF%2FA9PQXivy50xVY%2FQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89f9e2c04-FRA
statustext
OK
echo.min.js
oncorretor.com.br/scripts/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/echo.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:33 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 18 Feb 2019 19:22:10 GMT
server
cloudflare
etag
W/"0dd633ebfc7d41:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIg82BafR9FnLncQNVQRG5ma7y5yyBHRLOySvw6nPyrzFJLGdn2qztGJ3R3StzdlDplgv3L4kzmlTjFZmmkAiIWqH%2FgLM9LumFwnes1ZONDInVlENId1KGj2DeRwQA0NS2o8Uc%2FGPQ9uFh%2Fem5ZJnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643d89f9f2c04-FRA
statustext
OK
ajax-loader.gif
oncorretor.com.br/Content/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/Content/images/ajax-loader.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
etag
"05ab8564157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKQbyB8UzlHf7Re9vyn3Ljb26WZXBWDNuLg0FDzFqnTqFMymJdckU8InDkirugwegFcMxBNXBn3QqME3WMIMD7kX%2FpPeNKRqJ99F03KXbWN%2B%2Bh%2BMLR5bpLrVnCszD2%2Ba0ePHljAx2k0QZW%2FL0SVofw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643daffb29c0c-FRA
statustext
OK
http_imgload1.gif
oncorretor.com.br/content/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/content/images/http_imgload1.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1460
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
etag
"05ab8564157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fOg4NvpmUjQW8iz77NLuj1HPLfdDbJ0MHhZIHWhfFWp2Xqn53KZUvDpURtdA2Q07NRwdBJ3qoC1IbLPi0j2mQzd%2F%2FnfCH60NcZJvHR2eFb%2FW8db6IFhVhulyEjpKNpsHD1iKpKayymUSVBv7RSuAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643daffb49c0c-FRA
statustext
OK
ico-headset.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		403 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-headset.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:27 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB%2B9tJCehBzwhAXNdCMEL5v%2FbWxpoPbkLTrQNPCQR9yMB7Qzp10Iy3%2FqpKmsFg8UQPMKCBreScJUaq0BPW6pdvnTBNzXxeN2o1OeYuSl2LtThGZ2BIxz83mWhfYWEcmvWUZLXRcdKKp6n8AinmmXVf%2Br021rZvc3Mrjn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f162c04-FRA
statustext
OK
ico-whatsapp.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		503 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-whatsapp.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:26 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8YDWiTEQo%2FLG%2FWyiw%2FWS%2FG%2FKOcP%2FES1CoQZ3rlar6gpgiOf0yxdEDAFZ842eRkINQBgmG2X83AercL12toiFMf5JNEwuvw%2FUob0RrSvNgU%2Bo8cBEbGU0MV4jIQhNdKiCsmmfqIjZkIxg6y3I3zap9Jq605D33fKtTv8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f152c04-FRA
statustext
OK
ico-usuario.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		798 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:28 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOwrr6pqerPSLcAHRoog3%2B9pUJuRlTkA5mmEqxdUTLs5v6bOgkruBxyqB56Ej1VmliSsdhP988%2Fb2mow%2BYCKXdLjUSqPV%2B1JUTQiCajVhvAqaIbW%2FV%2FBPv0w20ZuTIy1iL0M5nN5kNqfKsov%2FYwgUSPlvJhMXavRCEJO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f142c04-FRA
statustext
OK
ico-suporte.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-suporte.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QRUcQWmua46vMfYeQVguvqnHlpK%2FmWmu02mdH2E7als2k3nxECHj6qfm4vjP0RpF8G0GT9B4cfw2DTeFJGPMWcankN0CnFh4tIVg6V5XC9QKp6fyYG%2BR6%2ByQgMVsOIKAExibVVhgBzVm0NmQzwdbvUEwzRiacvmNbQh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f1a2c04-FRA
statustext
OK
ico-produtos-prontos.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-produtos-prontos.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:07:26 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzzPYzFvRX76Xw0LvzbP6XaWg4MJtEPZjl6cHHD29pYmkSNzh8EKJ4q%2FTSHU5AhL7NJtcLIFS5mdfa0mUCJl%2Ba2Lk3ElYFpdfCDerx%2BtC7KTQveefjrEi1Dp9C8MeLrVXN9MvzUPXMUTfUeBomQGKhPQ4%2B3eS0DSRALk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f1c2c04-FRA
statustext
OK
ico-potencializa-presenca.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-potencializa-presenca.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:19:22 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia8rwheUDAjMfhs0S7ANoe5osN1kROtYdKnW7srleW9t2iWyHbx9psMnz0ufTZizzFouHsLQ1VG2SuTvRqTarAF4tHRejx3GKSkG9KDBhOgiFtyzGBX%2F4NkpvthAT1Z8aP3pFKX4xWFqCnJ4ecWoFLtHAfEqlI32OAKv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f172c04-FRA
statustext
OK
ico-email-mkt.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-email-mkt.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
43372
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:12 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KYn%2BSOPKb66Xpe1WpkuwVaTs5nkPeg3z701%2Fz5oNq9SHLUXKsBAzcJPLr4SbtaEqKkNZfsnxDSofLWMRUm9lqke8LFpCxYwWe32%2BZfiiKoRIB%2BXf7EZSydU8i0z3L5X5Hl6X5CeHAR95wP%2FddoGmimpEyqACjLp3rV6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643de7ce49c0c-FRA
statustext
OK
ico-cofrinho.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-cofrinho.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
43372
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFi22kPQI8Id5A6hjAdjOHUl7FiavS76IkMtfEdMn%2FpKaNw1RIBmtH7jBNQLzWdM8QgGS5HPxkIAwdb4Q4DQOBePL871A%2B%2FwHm6zzpu32yfVB5H3QF8vmKA8yQnF0WjSCcpc9TpFMJvF2GogENxklWljxhiOS0YpOvGZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643de7ce59c0c-FRA
statustext
OK
ico-usuario-md.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario-md.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
43372
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuHbDMpQe%2BKRNJppDzV1biuFi9i7LUfhj0vSq9zMD8LvqJ0uy%2Bho4%2BIlrCIIqE4RvCyDl67VgZeGS%2FC8epNZRU3i2KcN1cVKZ63F7Qo6HM8q0tNEUftz8vy9IM%2B%2BKs4v0Jch2x8erR%2BPbOzQzS5flTUYUddXQTGghvsh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643de7ce99c0c-FRA
statustext
OK
email-decode.min.js
oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Apr 2023 15:48:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"642ee9e0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk0opPEvra61LFsQXCRZW1dRLVuSxkAuWaFMleAoXzpG4bOeXhVzWv32Ywk4%2FelQs%2BjRzk3wIDThoilNr5wct6vK8ApTURga4gBouJAKdoun7FF1KZwSQ0iM6wstgakdu44V7apAun2SFs0iF59VuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7b9643daefac9c0c-FRA
expires
Wed, 19 Apr 2023 17:07:34 GMT
css
fonts.googleapis.com/ 		14 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
622b8e18adba20c7b8f32e9cd7b49b2ebc2a9c6e5a4d31076a84605f38e151ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 17:07:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 17:07:34 GMT
icon-zapzap.png
oncorretor.com.br/Content/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/Content/images/icon-zapzap.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19212
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
etag
"05ab8564157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrCgE98WFqCC1qnYNHbFbuG9leKj3W0jlHIRtcldezSKrbTmaasi7kHevyMww0Ggo8s0vvX%2FWRprCTTD0NjOjcJ6EgRMzNtX5jO84pSjag9%2Fa6agq2GD23g7z3A%2Fqw5Js6%2BITvmpWWjVqCMxmDAxAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643daffb59c0c-FRA
statustext
OK
bundleUnobtrusive.min.js
oncorretor.com.br/scripts/bundles/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleUnobtrusive.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Wed, 02 Jun 2021 15:12:14 GMT
server
cloudflare
etag
W/"01b1abc157d71:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOpshhf36a54nIICSD4cuOLad2FZAcEmuDWyU8mY%2Bgs8oVeoDE0V4rsa%2BLfZTFOK1Jn7Sze00rxXETNNRhE08TEyILWMuimHn38qZMAoIWbqy1J7lKbfQpEs2YlZasF1KjFSoMX4bFxDSWQWOKcL1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7b9643daffb09c0c-FRA
statustext
OK
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
da50b7a5-601e-0036-47b3-6c89c9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643d94dd19bac-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7b9643d9ae9b9bac-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/ 		338 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
age
34581
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
73082
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:31 GMT
server
cloudflare
etag
0x8D854CC113CF89C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
874b61c8-e01e-0068-3243-6c7aca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643daf87abb4a-FRA
expires
Tue, 18 Apr 2023 17:07:34 GMT
css
fonts.googleapis.com/ 		328 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 17:07:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 17:07:34 GMT
PortoRoobert-Medium.woff2
oncorretor.com.br/content/themes/base/fonts/porto-robert/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/porto-robert/PortoRoobert-Medium.woff2
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41bba2536c7561e281809703bf9437582bfa1ce4862a9fbd80a5778d773e9f60
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23900
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:24 GMT
server
cloudflare
etag
"81e5c02d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FRQhE%2FZphl%2BkLA7vS4J3Qazdi01AXLqr17WSzjXF2JX9bMkKJw4pLLE0wY28jcigiUhgi0ZewP1H3Y4qYw%2FEYAAI4aQZU%2FXgxABDDC6ry%2BBLnqRMCVOf5hUZXnpCzk2oV3%2BEplLm7L%2FpbSZyLl%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643daffc19c0c-FRA
statustext
OK
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/ 		20 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dbda22f3-b01e-0034-254e-6e8b33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643db39f69bac-FRA
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
852f24e6-101e-005f-75ce-6fd665000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643dbaab89bac-FRA
expires
Tue, 18 Apr 2023 17:07:34 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		57 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
96a19150-701e-0000-6343-6c249b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643dbaaba9bac-FRA
expires
Tue, 18 Apr 2023 17:07:34 GMT
/
api.ipify.org/ 		0
0
NFhZ1WJYYy0
www.youtube.com/embed/ Frame BF3C 		72 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9bc8fdfb94cb4e458d945c787994ab3bf86abde54200fa60892d05a025d1c3f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oncorretor.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Apr 2023 17:07:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
banner-home1.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		661 KB
662 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home1.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RTJjhqf21jNqXkq5xGSq1E32NdqYmAdSDaV4rXW42eIgKxNfZkM5F1ojefb9cgs8VTtBDWRUMN0AeAlngrhyRlvnbFacPwCndul%2F%2B0ZnUOdOb9WZclb5KI9iecnO5m5ahzo3qFrdnpaGZAYthO8W8wK%2B%2BfnMYt%2BZagi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7b9643dd5f112c04-FRA
statustext
OK
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 20:10:52 GMT
x-content-type-options
nosniff
age
507402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17576
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 20:10:52 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 13:26:24 GMT
x-content-type-options
nosniff
age
531670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17684
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 13:26:24 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 18:13:59 GMT
x-content-type-options
nosniff
age
514415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13340
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 18:13:59 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 15:41:32 GMT
x-content-type-options
nosniff
age
523562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60552
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 15:41:32 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:39:24 GMT
x-content-type-options
nosniff
age
502090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18900
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:03:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 21:39:24 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 12:43:06 GMT
x-content-type-options
nosniff
age
534268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60536
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 12:43:06 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:18 GMT
x-content-type-options
nosniff
age
542176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:18 GMT
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
da50b7a5-601e-0036-47b3-6c89c9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643dd0d4e9bac-FRA
multicanal.woff
oncorretor.com.br/content/themes/base/fonts/multicanal/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/multicanal/multicanal.woff?enk4db
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d3ca7c93e7081f8c75b63c797e61736d4e4939fce38c0b0e54c25efb8747a55f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3340
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:24 GMT
server
cloudflare
etag
"81e5c02d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUafXQL13Rx5JqPRi1qVCGXKutWK8NBZ2bkR%2Ba%2F0vbW2RwcVb9ivx%2FjLLF6UYYqAHVQpkU%2FZYa7VOP8YDuKmmpb%2B582Qs5QPqOCSZxXxocKwUkL%2FgFfZVZKE8XlwuEGCLbpB2FNq277JgNF0nyrSuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643dd0acf9c0c-FRA
statustext
OK
taoui.woff
oncorretor.com.br/content/themes/base/fonts/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/taoui.woff
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102464
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:02 GMT
server
cloudflare
etag
"0ef72614157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfMXOwORvDb0TIHUuvZ7UTApoE474cnPD%2Fv4EP7EjPVjgyAiVKyqq5vvC7fkQFfJUplnOLWuu1Hax7CfKb%2FkzNAU0gc6Gq9ydizNdN1AOzUZbInR1nefvDA4dtgnQXLXD9S%2FrIBBR3VOxbewZR%2B9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643dd1aeb9c0c-FRA
statustext
OK
ms-social-icon.woff
oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ms-social-icon.woff?osj28
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1e3e738cbaa772a437bd8bd392009a42523e6016fcc8cbd526c57c8f57be3142
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4576
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:28 GMT
server
cloudflare
etag
"2f7cb4d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuwOrZIHeZfImKxAiZbNoO4HGPo4WE%2FZHtPWz%2Fuiyha5GQFaRb9T4qWKKYlN2pHYBQjHrmEGNTlbFcIfQeufeEVhE9UAtZD2Fqu0A2MyHuys9Agc7tA4%2F%2Fob%2BkORtRapndczrD0gwHfKqhkBAfTaZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643dd1aec9c0c-FRA
statustext
OK
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7b9643dd3db39bac-FRA
access-control-allow-headers
Content-Type
bg-video.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		16 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-video.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
201.90.114.102 Belém, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
fdb409788f6e7f06297d50fdc6f9dcf2b50682e8d9aeb61890d490fe21203b5d
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

statustext
OK
date
Mon, 17 Apr 2023 17:05:41 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 09:49:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
18954868EE0F58E68DC7B7654BC5BB0F
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
14974
x-ua-compatible
IE=edge
ico-mais.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		304 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ico-mais.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
201.90.114.102 Belém, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
2f00a55ead5f3a0e71d787e3abe319f80fb2c7fa396462e0e564224152ebcad3
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

statustext
OK
date
Mon, 17 Apr 2023 17:05:41 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 15:58:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
AAD7FC5A8E838EB27BF523F5EE86CDA1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
321
x-ua-compatible
IE=edge
bg-depoimentos-fundo-azul.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-depoimentos-fundo-azul.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
201.90.114.102 Belém, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
c3b0b9c27918fc81b2e8ebcc325faa67560b7dc9a1f0437d9fbc72ecedc039ab
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

statustext
OK
date
Mon, 17 Apr 2023 17:05:42 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 19:22:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
42FB0D410D4C9283E5243246EFE80718
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
19043
x-ua-compatible
IE=edge
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 17:38:41 GMT
x-content-type-options
nosniff
age
170933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Apr 2024 17:38:41 GMT
dailyaccess
oncorretor.com.br/sys/ 		0
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/sys/dailyaccess
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Accept
*/*
Referer
https://oncorretor.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

statustext
OK
date
Mon, 17 Apr 2023 17:07:34 GMT
x-aspnetmvc-version
4.0
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyMz8mNR4XslW9XyDSA5QNHKGz%2FQuCPrAWFzx7Soivi4OfcbNKfF%2FRheZEwOkvB9aeV8U1Ko9NXBOPaxm55yvHYHQWEhc7CljQvx%2FERN2zwosHMcEJ3%2BzHjsOjjx8zXOEEArHxw98r2VoES2EQllwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
7b9643dd9b9e9c0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-ua-compatible
IE=edge
logo-novo.png
oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/logo-novo.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
43365
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 12 Apr 2022 11:14:55 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roJ4NhMF%2Bs6iGIdnbzVCy7pwgeUGAI7mTplpbqPls6RJput1UQC259larnKmU5hMnVwn5lPZ1wNzi0GNWemDHtuqzlIqDy0RSHzzHOp%2FkjdgG%2BA63A89jsmlI3sJVVxZKiMDyjOyIaL4DihW0wptvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
cf-ray
7b9643ddabb09c0c-FRA
statustext
OK
PortoRoobert-SemiBold.woff2
oncorretor.com.br/content/themes/base/fonts/porto-robert/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/porto-robert/PortoRoobert-SemiBold.woff2
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cc55d50d5533ee1a4fd2e6e51987ea8f876adc06b48f94f26ba759047ee7b6ba
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:34 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29184
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:24 GMT
server
cloudflare
etag
"2348c32d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5GkTkA6me2XfFbXjbQmfIUiMi5%2F%2FMlsavVJrDuR2DfklQs9STHRhu7bb%2BLgeByqQYNYQXjgmNFefOOaeOSPwb02xT4Qh0dgRhK6LqGXxXXqUYEEHiVyPOdA2MP6TFt5w8MJdFgadDDlAXnqbE%2Fy8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7b9643ddabba9c0c-FRA
statustext
OK
www-player.css
www.youtube.com/s/player/36754c51/ Frame BF3C 		399 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 13:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
13097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51993
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 13:29:17 GMT
www-embed-player.js
www.youtube.com/s/player/36754c51/www-embed-player.vflset/ Frame BF3C 		349 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110882
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 15:55:19 GMT
base.js
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame BF3C 		2 MB
619 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 15:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
177863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
633325
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Apr 2024 15:43:11 GMT
fetch-polyfill.js
www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/ Frame BF3C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 16:47:05 GMT
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/ 		20 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dbda22f3-b01e-0034-254e-6e8b33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643ddeeeb9bac-FRA
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF3C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:08 GMT
x-content-type-options
nosniff
age
542186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF3C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:40:37 GMT
x-content-type-options
nosniff
age
260817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 16:40:37 GMT
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
852f24e6-101e-005f-75ce-6fd665000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643de580f9bac-FRA
expires
Tue, 18 Apr 2023 17:07:34 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		57 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 17 Apr 2023 17:07:34 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
96a19150-701e-0000-6343-6c249b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b9643de58119bac-FRA
expires
Tue, 18 Apr 2023 17:07:34 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BF3C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b2e35c7740668566ec57dfc57b5d10debbfbf69752970fdaf54051ca62b556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 17 Apr 2023 17:07:34 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BF3C 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:06:08 GMT
x-content-type-options
nosniff
age
86
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Apr 2023 17:21:08 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 17 Apr 2023 17:07:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF3C 		66 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17e07433a604951f419b9e26090ca86ab5fa56604dab055c5e4a067620f5696e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31174
x-xss-protection
0
remote.js
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame BF3C 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 03:20:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
49618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36566
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 03:20:36 GMT
Q7HKpAo5xAdI8hJakOcHWgfuIV1tfxiK6LUilzZiPbM.js
www.google.com/js/th/ Frame BF3C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Q7HKpAo5xAdI8hJakOcHWgfuIV1tfxiK6LUilzZiPbM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43b1caa40a39c40748f2125a90e7075a07ee215d6d7f188ae8b5229736623db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:05:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
7300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14384
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 15:05:54 GMT
hqdefault.webp
i.ytimg.com/vi_webp/NFhZ1WJYYy0/ Frame BF3C 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/NFhZ1WJYYy0/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8612
x-xss-protection
0
server
sffe
etag
"1587730858"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Apr 2023 19:07:35 GMT
embed.js
www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/ Frame BF3C 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
11030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9035
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 00:21:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 16 Apr 2024 14:03:45 GMT
truncated
/ Frame BF3C 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
AGIKgqN-r6fQ_bxJaKOTD8Nl3JPEezBN9n1jBpYqIA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BF3C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AGIKgqN-r6fQ_bxJaKOTD8Nl3JPEezBN9n1jBpYqIA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Tue, 18 Apr 2023 17:07:35 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF3C 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8cd27271d1230f09fee5c9db15e60dbf48366db3dce460192217e7baea8eded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 17 Apr 2023 17:07:35 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BF3C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 17:07:35 GMT
generate_204
www.youtube.com/ Frame BF3C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?w1dksQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 17:07:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/112/ Frame BF3C 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 15:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 18 Apr 2023 15:26:12 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BF3C 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/36754c51/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
X-Goog-Request-Time
1681751257154
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
X-YouTube-Client-Version
1.20230411.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs2TUpTdzR5Q3R2NCjW-fWhBg%3D%3D
X-YouTube-Ad-Signals
dt=1681751254760&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 17 Apr 2023 17:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Mon, 17 Apr 2023 17:07:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.ipify.org
URL
https://api.ipify.org/?format=jsonp&callback=jQuery17107646365892523559_1681751254502&_=1681751254532

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| RemoverClasseImgLoadDataEcho object| _arrMaps object| html5 object| Modernizr function| yepnope object| Optanon object| OneTrust function| $ function| jQuery function| ShowLayoutEmpty function| ValidateCpf function| ValidateCnpj object| tao function| isMobile function| NodeInfo object| jQuery17107646365892523559 function| $DNA_Web function| $DNA_Page function| $DNA_FUC_InstallPKG function| $DNA_Application object| echo string| ip boolean| allowCookie function| aceitarCookie boolean| existeMensagemAviso function| fecharModalMensagemAviso function| setCookie function| getCookie function| checkCookie function| jQuery17107646365892523559_1681751254502 object| Video string| css boolean| first boolean| chatNaBarra function| mostraChat object| barraMulti number| alturaBarra undefined| divChat function| jivo_onLoadCallback function| jivo_onOpen function| jivo_onClose string| eventType string| eventTypeTel number| webId boolean| fullScreen boolean| aparenciaComFundoImagemTopo function| requireWidgetScript function| countClickVendaOnline function| contaBarra function| bindVideoFullScreen function| onVideoFullScreen function| AtualizarImagemFundoTopo function| abrirModalLoginCorretor function| redirecionarParaLoginCorretor function| validarModalLoginCorretor object| app object| $T

6 Cookies

Domain/Path Name / Value
oncorretor.com.br/ Name: .ASPXANONYMOUS
Value: R9pV8t7tkPGFU0YMq4zQDNk17A8dRraBEBD0E7Bv1M1pX0Uc0Lzr-UsOkhzuqoEjddHUU6G0aOKs1Jaa8GHKeZalUQwwAclalzIz6uUZOJ8HnjWDUlXMRqxnNM8w0f9TAid-ZAynEILMCJBrUGLlKA2
.oncorretor.com.br/ Name: OnCorretorAffinity
Value: fae369e8ce465de06df08f55c28c30eecfea040bb20efc3d0c23b9c253d35db1
oncorretor.com.br/ Name: popup-mensagemAviso-aberto
Value: 0
.youtube.com/ Name: YSC
Value: ko5BPcmesqQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 6MJSw4yCtv4
.oncorretor.com.br/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Apr+17+2023+17%3A07%3A34+GMT%2B0000+(GMT)&version=6.6.0&hosts=&consentId=72743402-8b42-4fde-9426-117c19b916be&interactionCount=0&landingPath=https%3A%2F%2Foncorretor.com.br%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options AllowAll

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn-ukwest.onetrust.com
construtor.oncorretor.com.br
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
oncorretor.com.br
static.doubleclick.net
t-construtor.mstech.com.br
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
api.ipify.org
201.90.114.102
2606:4700:3037::ac43:a841
2606:4700:4400::ac40:9062
2a00:1450:4001:803::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2006
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2016
2a00:1450:4001:830::2002
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
17e07433a604951f419b9e26090ca86ab5fa56604dab055c5e4a067620f5696e
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
1e3e738cbaa772a437bd8bd392009a42523e6016fcc8cbd526c57c8f57be3142
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
1facb73bf4ab09d88c0d7afb15a478bd24841ea3710a595186947939e53c0782
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
23f0974f5a5a9578fa2bf2b7211a29d4c6df1fca74f8291e5258c43482df534b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
2f00a55ead5f3a0e71d787e3abe319f80fb2c7fa396462e0e564224152ebcad3
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
41bba2536c7561e281809703bf9437582bfa1ce4862a9fbd80a5778d773e9f60
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
43b1caa40a39c40748f2125a90e7075a07ee215d6d7f188ae8b5229736623db3
4668c1865157dba21d7a7e72a1007e3513a59c16eee8a1740f6c2faa69ff83e9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
614c2c16836adff497003759038d70809d2413f3e54da26e0400625cea2804d0
622b8e18adba20c7b8f32e9cd7b49b2ebc2a9c6e5a4d31076a84605f38e151ef
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b7bf70786630f93ce0accd9c42a90918e77a0617a266fbdf317ed54b65a57a
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
8da30421af9bdda9d9ffa1e2a02f91c4b8b4e6983cb3c9e559627d96ab710d2c
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
9bc8fdfb94cb4e458d945c787994ab3bf86abde54200fa60892d05a025d1c3f1
9c4dc5924fd04f9ebd8bb7367ace6362e2e9f497d3b4cd556b10eb1215785ebd
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
a8cd27271d1230f09fee5c9db15e60dbf48366db3dce460192217e7baea8eded
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
b4b2e35c7740668566ec57dfc57b5d10debbfbf69752970fdaf54051ca62b556
bfb14c36ee35bd07cb95bb56428c4b63c99a2818ed5fb70c4fe81f8bc10c8126
c3b0b9c27918fc81b2e8ebcc325faa67560b7dc9a1f0437d9fbc72ecedc039ab
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
ca10229f3a065196ec44c33c8abb504c369eb8d8c1ae45ea995a711d26fc9822
cc55d50d5533ee1a4fd2e6e51987ea8f876adc06b48f94f26ba759047ee7b6ba
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
d36bf5cd9297a7fceb45510c912556bce0f00977be215b9617da5a9cccb7ff0f
d3ca7c93e7081f8c75b63c797e61736d4e4939fce38c0b0e54c25efb8747a55f
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f9d7f0384afc048bb87d17f73d7636ed88251864d13d29f3be46cc6abbda067f
fdb409788f6e7f06297d50fdc6f9dcf2b50682e8d9aeb61890d490fe21203b5d